Total vulnerabilities in the database
The ghost plugin before 0.5.6 for WordPress has no access control for wp-admin/tools.php?ghostexport=true downloads of exported data.
CVSS v3:
CVSS v2:
CWEs:
OWASP TOP 10: